Mega-man: The fast, fabulous, fraudulent life of Megaupload’s Kim Dotcom

Megaupload founder Kim Dotcom's long journey from Germany to a New Zealand …

Since the shutdown of Megaupload, stories have erupted about the life and exploits of the company's founder, a self-styled "Dr. Evil" of file sharing. Kim Dotcom's opulent digs, high-end cars, fondness for models and other Bond-villain-esque behaviors have been splashed across websites and have confused evening newscasts for the last week.

The man once known as Kim Schmitz (and as Kimble, and as Kim Tim Jim Vestor, and finally as Kim Dotcom), now awaiting extradition from New Zealand to face charges of conspiracy, money laundering and copyright crimes in the US, has enveloped his actual life in a cloud of hype and bluster that echo the worst of the dot-com bubble from which he took his new surname. In 2001, the Telegraph called Schmitz "a PR man's nightmare and a journalist's dream."

Schmitz wrote recently that all that's behind him now; a family man, he's even happy to meet the neighbors for coffee. But when New Zealand police arrived at his mansion outside Auckland last week with helicopters, they cut their way through various locks and then into the home's safe room, where Dotcom was reportedly standing close to a sawed-off shotgun, and they took him into custody. The worldwide raids, in which hundreds of servers were also seized in the US and in which 100 officers raided homes and offices in Hong Kong, have just added another layer to the legend Dotcom has been building since he was a teenager: god of hackers, Midas-touch Internet investor, Modern Warfare 3 multiplayer champion.

Dotcom has gone out of his way since the early 1990s to put himself at the center of media attention. He's certainly got it now. But who, really, is this guy?

The rise of Kimble

Kim Dotcom enjoys a bath with balloons.

kimble.org (republished through Twitter by @Kim_Dotcom)

Born in Kiel, Germany to a Finnish mother (the source of his dual citizenship), Schmitz has made a career out of being larger than life, which seems appropriate for a six foot, six inch man (give or take an inch—his height seems to change with every report) who can fill a room with his 300+ pound presence.

In the early 1990s, Schmitz used a little hacker cred and the growing paranoia over the powers of computer hackers and phreakers to launch a media-powered cybersecurity career. He got his first shot at media stardom in 1992, when he was interviewed by the German press and then featured in a December Forbes article on the "computer hacker crime wave." Schmitz took advantage of the complete lack of technical credibility of reporters and the growing "hacker mystique" to create a sexier, more dangerous version of himself—if not James Bond, then Dr. No.

Giving his hacker handle "Kimble" (which he later claimed was taken from the name of the main character in the film The Fugitive), and claiming to be the leader of an international hacker group called Dope, Schmitz said he had hacked hundreds of US companies' PBX systems and was selling the access codes at $200 a pop, bragging that "every PBX is an open door to me." He also claimed to have developed an encrypted phone that could not be tapped, and to have sold a hundred of them.

In his 2001 interview with the Telegraph, he also claimed to have hacked Citibank and transferred $20 million to Greenpeace, a claim refuted by Greenpeace, which had a total operating budget of just twice that in the mid-1990s. (While Citi was hacked in 1996, it was by a group of Russian hackers—and they certainly didn't donate the money to charity.) He also claimed to have hacked NASA and said that he had accessed Pentagon systems to read top-secret information on Saddam Hussein during the Gulf War.

There's no record to substantiate most of this; perhaps some of it is true. What he did do was steal phone calling card codes and conduct a premium number fraud similar to the recent rash of Filipino phreaking frauds. He bought stolen phone card account information from American hackers. After setting up premium toll chat lines in Hong Kong and in the Caribbean, he used a "war dialer" program to call the lines using the stolen card numbers—ringing up €61,000 in ill-gained profits.

Schmitz was also playing pirate in other ways. Andreas Bogk, a member of the Chaos Computer Club, recently told the Wall Street Journal that Schmitz set up a computer system for the uploading and downloading of pirated PC software, charging people for access. (Schmitz exposed the scheme in an interview with a German television news program, and it was subsequently shut down by Deutsche Telekom.)

Schmitz's efforts to branch into the "legit" world of security consulting with his security company Data Protect initially backfired by exposing his real identity—and by allowing it to be connected to his hacker credentials. In March of 1994, he was arrested by police for trafficking in stolen phone calling card numbers. He was held in custody for a month, then arrested again on additional hacking charges shortly afterward—and again released. In 1998, he was convicted of 11 counts of computer fraud, 10 counts of data espionage, and an assortment of other charges. He received a two-year suspended sentence—because, at just 20, he was declared "under age" at the time the crimes were committed.

But Schmitz used the notoriety to boost his security business. He soon landed a security contract for Data Protect with the airline Lufthansa by demonstrating an apparent security vulnerability—though according to claims by others in the German hacking community, his connection to the airline was thanks to collaboration with an insider there, and to the hacking skills of an accomplice.

The influx of cash began to fuel Schmitz's fantasy fulfillment engine, funding his love of fast cars and outrageous antics. He promoted his new bad-boy rich hacker genius image through a bizarre Flash movie called Kimble, Special Agent, in which his cartoon alter-ego drives a "Megacar" and then a "Megaboat" before breaking into Bill Gates' compound and riddling the wall behind Gates with a machine gun (spelling out "Linux" with bullet holes). The cartoon was the first public demonstration of Schmitz's obsession with all things Mega.

Rags to riches

A year after the slap on the wrist, Schmitz shifted his focus from phone fraud to Internet start-ups. Almost from the beginning, he made an effort to portray himself as someone who was Germany's answer to Silicon Valley—even if he was closer to Pets.com than to Yahoo.

His first effort tied together two of the great loves of his life: the Internet and expensive cars. Schmitz and Data Protect led the development of a real Megacar, an Internet-connected luxury car system with its own Pentium III Windows NT on-board computer, router, multi-camera video conferencing system, and 17-inch display. To get the broadband bandwidth required, the car had 16 multiplexed GSM cellular connections.The sticker price started at $90,000.

While it went nowhere, the press it received helped raise the profile of Data Protect—and of Schmitz. Schmitz was also making other efforts to create his persona. In 1999, according to New Zealand's Investigate magazine (PDF), he was spotted at the airport in Munich getting his picture taken inside parked airplanes, which he then used to suggest that he owned them.

In 2000, Schmitz sold an 80 percent stake in Data Protect to the German conglomerate TÜV Rheinland, which bought the company for its "in-depth network expertise." Schmitz held the remaining stake through his new holding company, Kimvestor.

Flush with at least some cash, Schmitz was quick to burn some of it by waving his own particular brand of freak flag. He hired a German centerfold, a collection of other actors, a film crew, and fast car aficionados for a self-produced film called Kimble Goes Monaco—a road movie about a lavish trip to Monaco, including a cruise on a rented yacht. The movie was punctuated with Schmitz playing with expensive toys, and featured a bizarre Bill-Gates-is-spying-on-me subplot.

Kimble Goes Monaco

The image Schmitz was selling was embraced by the press, as a 2001 Guardian report on his "rags to riches" tale shows:

The 6'4", 18-stone giant has since divided his time between growing Kimvestor - which he values at 200m euros - and spending his money on top models, fast cars and expensive boats. He now owns a Challenger jet, a helicopter, several sports cars and a yacht. Last May he spent $1m (£684,000) chartering a 240-foot luxury yacht for a week, mooring it in Monte Carlo harbour for the Monaco Formula One Grand Prix and throwing lavish parties for guests including Prince Ranier of Monaco.

Also, I have a lot of sympathy for some poor kid that gets railroaded or made an example of because he has a server up that shares links to copyrighted material. But this guy...this guy is waaaay beyond that. I don't see Cory Doctorow or the Dixie Chicks coming to his defense any time soon.

Its amazing how small the world is.I'm personal friends with one of the graphic designers who helped build the website for Trendax... I don't know where the information about how much money was spent on the site came from, because my friend never got paid... And never charged nearly that much money for it anyway.

Schmitz's efforts to branch into the "legit" world of security consulting with his security company Data Protect initially backfired by exposing his real identity—and by allowing it to be connected to his hacker credentials.

Wonder what will happen to current pirates? Will their past follow them?BTW aside from first name he apparently had something else in common with the former leader of North Korea. Both craved attention, and had the lifestyle to prove it.

Indeed. Excellent lens flare execution. And an interesting article too. Sounds like almost everything he's ever done is either criminal or dishonest, but given my difficulty settling into a career despite being very good at what I do, I almost feel a strange respect for someone who knew exactly what he wanted, embraced his delusions, and chartered that 240-foot luxury yacht.

It would seem that if he could make this much money making the distribution of music and videos easy for so many people that the RIAA and MPAA could too.

I'm not defending the illegal stuff, just noting that the official distributers of the content should take note on how to Mega made money. If the official distributers would make it this easy to get content there probably wouldn't be any need for sites like Megauploads, and they would make more money than they do now.

It sounds like Germany's "justice" system is just as much as a sieve as the one in the U.S. It is great for keeping lawyers and judges employed. Why lock up criminals when complaining about the workload just leads to more funding?

OK, so what? Would I be friends with Kim Dotcom? No,probably not. But what does that have to do with MegaUpload, or MegaBox? All these holier-than-thou commentators (in other threads) how it is such a shame that they are "making money off piracy" should realize that there is no alternative. In many countries in Europe, downloading of music recordings is completely legal, but uploading is not. That is how they get p2p-users there: you can't download without uploading at the same time. MegaUpload c.s. made this possible: download, don't upload.

Simple answer: legalize non-commercial file sharing (the Greens/European Freedom Alliance group in the European Parliament, for instance, supports this as well as all the Pirate Parties around the world). All the same arguments that apply legalizing drugs apply here as well, except for the counter-argument (health issues) does not apply. Labels etc. can still make money: they are allowed commercial use: showing ads, subscription models which also offer cloud storage, guaranteed quality, easy to find, etc.). Non-commercial users would have to pay for the infrastructure out of their own pocket.

That guy from GoDaddy was shooting elephants.Our friend from Microsoft is throwing chairs and is running on a stage like crazyWho else knows what C-level executives in the IT business (or Entertainment Industry, for that matter - see the tabloids) do that is being kept under tight wraps?

It's fine to have a "Kim Dotcom sucks" article. It doesn't change anything about file lockers.

At first I thought this guy was just another con-artist (if not an exceptionally good one) until I read this part:

"He registered Kimpire Limited in December 2002, soon after moving to Hong Kong. The holding company's first offspring was Trendax, "the money making machine"—an allegedly artificial intelligence-driven hedge fund that mostly got attention for its Flash-heavy homepage."

<snip> Sounds like almost everything he's ever done is either criminal or dishonest, but given my difficulty settling into a career despite being very good at what I do, I almost feel a strange respect for someone who knew exactly what he wanted, embraced his delusions, and chartered that 240-foot luxury yacht.

You know, slightly different career path and we would be calling him a politician not a pirate.

Goofball_Jones wrote:

You know, there's a movie in this somewhere....<snip.

Funny, I was thinking the same thing. In my mind I see him hooking up with the Barefoot Bandit (Colton Harris-Moore). The ill matched duo then go out on a series of globetrotting hijinks and hilarity ensues.

Sounds like almost everything he's ever done is either criminal or dishonest, but given my difficulty settling into a career despite being very good at what I do, I almost feel a strange respect for someone who knew exactly what he wanted, embraced his delusions, and chartered that 240-foot luxury yacht.

In many countries in Europe, downloading of music recordings is completely legal, but uploading is not. That is how they get p2p-users there: you can't download without uploading at the same time. MegaUpload c.s. made this possible: download, don't upload.

your are a bit confused.its hosting, dissemination, that gets you in trouble. not specifically "uploading." megaupload was doing this.thats one point.

as for your last sentence about download functionality, that really misses the point of what copyright holders find the problem to be.

Dotcom or Maddof? Oh yea - Maddof's scheme earned less money, paid more and they didnt use helicopters to bring him down. Dotom might have gotten off if he'd collapsed the ecoomy and convinced gov'ts to give him a bail-out. He courted the wrong side.

Sean Gallagher / Sean is Ars Technica's IT Editor. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland.